2020.3.1 - 2020-03-27 TUN-2846: Trigger debug reconnects from stdin commands, not SIGUSR1 2020.3.0 - 2020-03-23 AUTH-2394 fixed header for websockets. Added TCP alias - 2020-03-10 TUN-2797: Fix panic in SetConnDigest by making mutexes values. - 2020-03-13 TUN-2807: cloudflared hello-world shouldn't assume it's my first tunnel - 2020-03-13 TUN-2756: Set connection digest after reconnect. - 2020-03-16 TUN-2812: Tunnel proxies and RPCs can share an edge address - 2020-03-18 TUN-2816: cloudflared metrics server should be more discoverable - 2020-03-19 TUN-2820: Serialized headers for Websockets - 2020-03-19 TUN-2819: cloudflared should close its connections when a signal is sent - 2020-03-19 TUN-2823: Bugfix. cloudflared would hang forever if error occurred. - 2020-03-10 TUN-2796: Implement HTTP2 CONTINUATION headers correctly - 2020-03-02 TUN-2779: update sample HTML pages - 2020-03-04 TUN-2785: Use reconnect token by default - 2020-03-05 TUN-2754: Add ConnDigest to cloudflared and its RPCs - 2020-03-06 TUN-2755: ReconnectTunnel RPC now transmits ConnectionDigest - 2020-03-06 TUN-2761: Use the new header management functions in cloudflared - 2020-03-06 TUN-2788: cloudflared should store one ConnDigest per HA connection - 2020-02-26 TUN-2767: Test for large headers - 2020-02-28 do not terminate tunnel if origin is not reachable on start-up (#177) - 2020-02-28 TUN-2776: Add header serialization feature in cloudflared - 2020-02-21 TUN-2748: Insecure randomness vulnerability in github.com/miekg/dns 2020.2.1 - 2020-02-20 TUN-2745: Rename existing header management functions - 2020-02-21 TUN-2746: Add the new header management functions - 2020-02-25 perf(cloudflared): reuse memory from buffer pool to get better throughput (#161) - 2020-02-25 Tweak HTTP host header. Fixes #107 (#168) - 2020-02-25 TUN-2765: Add list of features to tunnelrpc - 2020-02-19 TUN-2725: Specify in code that --edge is for internal testing only - 2020-02-19 TUN-2703: Muxer.Serve terminates when its context is Done - 2020-02-09 TUN-2717: Function to serialize/deserialize HTTP headers - 2020-02-05 TUN-2714: New edge discovery. Connections try to reconnect to the same edge IP. 2020.2.0 - 2020-01-30 TUN-2651: Fix panic in h2mux reader when a stream error is encountered - 2020-01-27 TUN-2645: Revert "TUN-2645: Turn on reconnect tokens" - 2020-01-28 TUN-2693: Metrics for ReconnectTunnel - 2020-01-28 TUN-2696: Add unknown registerRPCName - 2020-01-28 TUN-2699: Metrics for Authenticate RPCs - 2020-01-28 TUN-2690: cloudflared reconnect uses wrong context - 2020-01-29 TUN-2707: Inconsistent cardinality in tunnel error metrics - 2020-01-13 TUN-2645: Turn on reconnect tokens - 2019-12-23 TUN-2646: Make --edge flag work again for local development 2019.12.0 - 2019-12-11 TUN-2631: only notify that activeStreamMap is closed if ignoreNewStreams=true - 2019-12-17 bug(cloudflared): Set the MaxIdleConnsPerHost of http.Transport to proxy-keepalive-connections (#155) - 2019-12-17 refactor(docker): optimize Dockerfile (#126) - 2019-12-19 Fix timer scheduling for systemd update service (#159) - 2019-12-13 TUN-2637: Manage edge IPs in a region-aware manner - 2019-12-03 bug(cloudflared): nil pointer deference on h2DictWriter Close() (#154) - 2019-12-03 TUN-2608: h2mux.Muxer.Shutdown always returns a non-nil channel - 2019-12-04 TUN-2555: origin/supervisor.go calls Authenticate - 2019-12-06 TUN-2554: cloudflared calls ReconnectTunnel - 2019-11-20 TUN-2575: Constructors + simpler conversions for AuthOutcome - 2019-11-22 Fix Docker build failure (#149) - 2019-11-21 TUN-2573: Refactor TunnelRegistration into PermanentRegistrationError, RetryableRegistrationError and SuccessfulTunnelRegistration - 2019-11-22 TUN-2582: EventDigest field in tunnelrpc - 2019-11-22 Fix "happy eyeballs" not being disabled since Golang 1.12 upgrade * The Dialer.DualStack setting is now ignored and deprecated; RFC 6555 Fast Fallback ("Happy Eyeballs") is now enabled by default. To disable, set Dialer.FallbackDelay to a negative value. - 2019-11-25 TUN-2591: ReconnectTunnel now sends EventDigest - 2019-11-21 TUN-2606: add DialEdge helpers - 2019-11-21 TUN-2607: add RPC stream helpers 2019.11.3 - 2019-11-20 TUN-2562: Update Cloudflare Origin CA RSA root 2019.11.2 - 2019-11-18 TUN-2567: AuthOutcome can be turned back into AuthResponse - 2019-11-18 TUN-2563: Exposes config_version metrics 2019.11.1 - 2019-11-12 Add db-connect, a SQL over HTTPS server - 2019-11-12 TUN-2053: Add a /healthcheck endpoint to the metrics server - 2019-11-13 TUN-2178: public API to create new h2mux.MuxedStreamRequest - 2019-11-13 TUN-2490: respect original representation of HTTP request path - 2019-11-18 TUN-2547: TunnelRPC definitions for Authenticate flow - 2019-11-18 TUN-2551: TunnelRPC definitions for ReconnectTunnel flow - 2019-11-05 TUN-2506: Expose active streams metrics 2019.11.0 - 2019-11-04 TUN-2502: Switch to go modules - 2019-11-04 TUN-2500: Don't send client registration errors to Sentry - 2019-11-04 TUN-2489: Delete stream from activestreammap when read and write are both closed - 2019-11-05 TUN-2505: Terminate stream on receipt of RST_STREAM; MuxedStream.CloseWrite() should terminate the MuxedStream.Write() loop - 2019-10-30 TUN-2451: Log inavlid path - 2019-10-22 TUN-2425: Enable cloudflared to serve multiple Hello World servers by having each of them create its own ServeMux - 2019-10-22 AUTH-2173: Prepends access login url with scheme if one doesnt exist - 2019-10-23 TUN-2460: Configure according to the ClientConfig recevied from a successful Connect - 2019-10-23 AUTH-2177: Reads and writes error streams 2019.10.4 - 2019-10-21 TUN-2450: Remove Brew publishing formula 2019.10.3 - 2019-10-18 Fix #129: Excessive memory usage streaming large files (#142) 2019.10.2 - 2019-10-17 AUTH-2167: Adds CLI option for host key directory 2019.10.1 - 2019-10-17 Adds variable to fix windows build 2019.10.0 - 2019-10-11 AUTH-2105: Dont require --destination arg - 2019-10-14 TUN-2344: log more details: http2.Framer.ErrorDetail() if available, connectionID - 2019-10-16 AUTH-2159: Moves shutdownC close into error handling AUTH-2161: Lowers size of preamble length AUTH-2160: Fixes url parsing logic - 2019-10-16 AUTH-2135: Adds support for IPv6 and tests - 2019-10-02 AUTH-2105: Adds support for local forwarding. Refactor auditlogger creation. AUTH-2088: Adds dynamic destination routing - 2019-10-09 AUTH-2114: Uses short lived cert auth for outgoing client connection - 2019-09-30 AUTH-2089: Revise ssh server to function as a proxy 2019.9.2 - 2019-09-26 TUN-2355: Roll back TUN-2276 2019.9.1 - 2019-09-23 TUN-2334: remove tlsConfig.ServerName special case - 2019-09-23 AUTH-2077: Quotes open browser command in windows - 2019-09-11 AUTH-2050: Adds time.sleep to temporarily avoid hitting tunnel muxer dealock issue - 2019-09-10 AUTH-2056: Writes stderr to its own stream for non-pty connections - 2019-09-16 TUN-2307: Capnp is the only serialization format used in tunnelpogs - 2019-09-18 TUN-2315: Replace Scope with IntentLabel - 2019-09-17 TUN-2309: Split ConnectResult into ConnectError and ConnectSuccess, each implementing its own capnp serialization logic - 2019-09-18 AUTH-2052: Adds tests for SSH server - 2019-09-18 AUTH-2067: Log commands correctly - 2019-09-19 AUTH-2055: Verifies token at edge on access login - 2019-09-04 TUN-2201: change SRV records used by cloudflared - 2019-09-06 TUN-2280: Revert "TUN-2260: add name/group to CapnpConnectParameters, remove Scope" - 2019-09-03 AUTH-1943 hooked up uploader to logger, added timestamp to session logs, add tests - 2019-09-04 AUTH-2036: Refactor user retrieval, shutdown after ssh server stops, add custom version string - 2019-09-06 AUTH-1942 added event log to ssh server - 2019-09-04 AUTH-2037: Adds support for ssh port forwarding - 2019-09-05 TUN-2276: Path encoding broken 2019.9.0 - 2019-09-05 TUN-2279: Revert path encoding fix - 2019-08-30 AUTH-2021 - check error for failing tests - 2019-08-29 AUTH-2030: Support both authorized_key and short lived cert authentication simultaniously without specifiying at start time - 2019-08-29 AUTH-2026: Adds support for non-pty sessions and inline command exec - 2019-08-26 AUTH-1943: Adds session logging - 2019-08-26 TUN-2162: Decomplect OpenStream to allow finer-grained timeouts - 2019-08-29 TUN-2260: add name/group to CapnpConnectParameters, remove Scope 2019.8.4 - 2019-08-30 Fix #111: Add support for specifying a specific HTTP Host: header on the origin. (#114) - 2019-08-22 TUN-2165: Add ClientConfig to tunnelrpc.ConnectResult - 2019-08-20 AUTH-2014: Checks users login shell - 2019-08-26 TUN-2243: Revert "STOR-519: Add db-connect, a SQL over HTTPS server" - 2019-08-27 TUN-2244: Add NO_AUTOUPDATE env var - 2019-08-22 AUTH-2018: Adds support for authorized keys and short lived certs - 2019-08-28 AUTH-2022: Adds ssh timeout configuration - 2019-08-28 TUN-1968: Gracefully diff StreamHandler.UpdateConfig - 2019-08-26 AUTH-2021 - s3 bucket uploading for SSH logs - 2019-08-19 AUTH-2004: Adds static host key support - 2019-07-18 AUTH-1941: Adds initial SSH server implementation 2019.8.3 - 2019-08-20 STOR-519: Add db-connect, a SQL over HTTPS server - 2019-08-20 Release 2019.8.2 - 2019-08-20 Revert "AUTH-1941: Adds initial SSH server implementation" - 2019-08-11 TUN-2163: Add GrapQLType method to Scope interface - 2019-08-06 TUN-2152: Requests with a query in the URL are erroneously escaped - 2019-07-18 AUTH-1941: Adds initial SSH server implementation 2019.8.1 - 2019-08-05 TUN-2111: Implement custom serialization logic for FallibleConfig and OriginConfig - 2019-08-06 Revert "TUN-1736: Missing headers when passing an invalid path" 2019.8.0 - 2019-07-11 TUN-1956: Go 1.12 update - 2019-07-24 TUN-1736: Missing headers when passing an invalid path - 2019-07-30 TUN-2117: read group/system-name from CLI, send it to edge - 2019-08-02 TUN-2125: Add PostgresType() to Scope - 2019-08-05 TUN-2147: Implemented ScopeUnmarshaler - 2019-07-31 TUN-2110: Implement custom deserialization logic for OriginConfig - 2019-07-31 AUTH-1972: Deletes token lock file if backoff retry attempts exceeded and intercepts signals until lock is released 2019.7.0 - 2019-05-28 TUN-1913: Define OriginService for each type of origin - 2019-04-29 Build a docker container - 2019-06-12 TUN-1952: Group ClientConfig fields by the component that uses the config, and return the part of the config that failed to be applied - 2019-06-05 TUN-1893: Proxy requests to the origin based on tunnel hostname - 2019-06-17 TUN-1961: Create EdgeConnectionManager to maintain outbound connections to the edge - 2019-06-18 TUN-1885: Reconfigure cloudflared on receiving new ClientConfig - 2019-06-19 TUN-1976: Pass tunnel hostname through header - 2019-06-20 TUN-1982: Load custom origin CA when OriginCAPool is specified - 2019-06-26 TUN-2005: Upgrade logrus - 2019-06-20 TUN-1981: Write response header & body on proxy error to notify eyeballs of failure category - 2019-06-20 TUN-1977: Validate OriginConfig has valid URL, and use scheme to determine if a HTTPOriginService is expecting HTTP or Unix - 2019-06-13 DoH: change the media type to application/dns-message - 2019-06-26 AUTH-1736: Better handling of token revocation 2019.6.0 - 2019-05-17 TUN-1828: Update declarative tunnel config struct - 2019-05-29 Handle exit code on err - 2019-05-29 AUTH-1802: Fixed ssh-config templating - 2019-05-30 TUN-1914: Conflate HTTP and Unix OriginConfig, and add TLS config to WebSocketOriginConfig - 2019-06-03 AUTH-1811: ssh-gen config fixes 2019.5.0 - 2019-04-25 TUN-1781: ServeStream should return early on error - 2019-04-30 TUN-1786: Remove low-level Windows service logging - 2019-05-03 TUN-1807: Send cloudflared version in Connect RPC - 2019-01-23 AUTH-1557: Short Lived Certs - 2019-05-13 TUN-1847: Log a distinct message when OpenStream fails while waiting for response headers - 2019-05-13 AUTH-1706: fixes and testing - 2019-05-22 TUN-1880: Save debug and warn level log to logfile - 2019-05-22 AUTH-1781: fixed race condition for short lived certs, doc required config 2019.4.1 - 2019-03-18 TUN-1626: Create new supervisor to establish connection with origintunneld - 2019-04-04 TUN-1619: Add flag to test declarative tunnels. - 2019-04-05 TUN-1577: decompose carrier.StartServer to make TestStartServer less flappy - 2019-03-29 TUN-1606: Define CloudflaredConfig RPC structure, interface for cloudflared's RPC server - 2019-04-02 TUN-1682: Add context to OpenStream to prevent it from blocking indefinitely. - 2019-04-16 TUN-1732: cloudflared metrics should track userHostnames - 2019-04-17 TUN-1734: Pin packages at exact versions - 2019-04-18 TUN-1669: Update license message in help text. Also fix test 2019.4.0 - 2019-03-28 TUN-1648: ConnectionID is now a UUID - 2019-04-01 TUN-1673: Conflate Hello and Connect RPCs 2019.3.2 - 2019-03-22 TUN-1637: Free tunnels shouldn't require cert.pem - 2019-03-18 TUN-1604: Define Connect RPC call 2019.3.1 - 2019-03-09 Add rdp as a supported protocol in URL validation (#76) - 2019-03-15 TUN-1613: improved cloudflared RegisterTunnel fail metrics - 2019-03-17 TUN-1615: revert miekg/dns to last known working revision 2019.3.0 - 2018-12-28 make http transport aware of proxy from envvar - 2019-02-28 TUN-1559: fix nil dereference in TunnelConfig.CloseConnOnce - 2019-03-04 TUN-1451: Make non-interactive, non-service execution possible on Windows - 2019-03-04 TUN-1562: Refactor connectedSignal to be safe to close multiple times - 2019-02-27 TUN-1550: Add validation timeout for non-responsive origins - 2019-03-06 AUTH-1531: Named flags for ssh service tokens - 2019-02-14 Support unix sockets. - 2019-03-08 TUN-1389: Non-scalar flags in a cloudflared config.yml don't get logged - 2019-03-07 TUN-1522: If we can't get SRV from default resolver, get them from 1.1.1.1 DoT 2019.2.1 - 2019-02-14 TUN-1381: should tell you if you're on the latest version rather than just exiting silently - 2019-02-15 TUN-1467: build with Go 1.11 - 2019-02-15 AUTH-1519: Added logging - 2019-02-19 TUN-1525: cloudflared metrics for registration success/fail - 2019-02-19 TUN-1510: Wrap the close() in sync.Once.Do 2019.2.0 - 2019-01-24 AUTH-1462: better curl arg parsing - 2019-02-01 TUN-1456: Only make one UUID - 2019-01-30 cloudflared/linux_service: Add missing /etc/init.d shebang - 2019-02-07 AUTH-1511: Add custom headers for ssh command - 2019-02-01 AUTH-1503: Added RDP support - 2019-02-01 AUTH-1403: Print the paths in the ssh-config instructions 2019.1.0 - 2018-12-10 TUN-1231: Horizontal overflow wrapping on the Hello page - 2018-12-17 TUN-1140: Show usage if invoked with no args or config - 2018-11-06 TUN-632 Filter out common network exceptions from going to Sentry on StartServer - 2019-01-07 TUN-1138: Install cloudflared service directory with 755 permissions - 2019-01-07 TUN-1265: Silent exit when failing to parse config - 2019-01-10 TUN-1350: Enhance error messages with cloudflarestatus.com link, if relevant - 2019-01-16 TUN-1358: Close readyList after Muxer.Serve() has stopped running - 2019-01-24 AUTH-1423: move from stdout to stderr - 2019-01-24 AUTH-1404: reauth if the token is about to expire within 15 minutes - 2019-01-24 AUTH-1459: improved ssh streaming error message - 2019-01-24 AUTH-1211: print all the versions - 2019-01-24 AUTH-1337: fix url path - 2019-01-28 TUN-1418: Rename ProtocolLogger to TransportLogger, and use TransportLogger to log RPC events. - 2019-01-28 TUN-1419: Identify request/response headers/content length with ray ID 2018.12.1 - 2018-12-11 TUN-1270: cloudflared panic (HA metrics missing label) 2018.12.0 - 2018-11-15 TUN-1196: Allow TLS config client CA and root CA to be constructed from multiple certificates - 2018-11-20 TUN-1209: TLS Config Certificates and GetCertificate can both be set - 2018-11-26 TUN-1212: Expose tunnel_id in metrics - 2018-11-30 TUN-1204: remove 'cloudflared hello' command - 2018-12-04 Fix license URL typo - 2018-12-07 TUN-1250: ValidateHTTPService shouldn't follow 302s 2018.11.0 - 2018-10-31 AUTH-1282: Fixed an issue where we were receiving as opposed sending on the channel. - 2018-11-06 TUN-1179: Fix log message in cmd/cloudflared/transfer.Run - 2018-11-13 AUTH-1308: get jwt even when you are already logged in - 2018-11-12 TUN-1190: check URL parse error when starting SSH proxy server - 2018-11-15 AUTH-1320: Fixed request issue and unhide the ssh command 2018.10.5 - 2018-10-18 TUN-968: Flow control for large requests/responses - 2018-10-26 TUN-1158: Windows: use process arguments rather than trivial service arguments - 2018-10-20 #30: Fix the Content-Length header for HTTP2->HTTP1 - 2018-10-29 TUN-1160: pass Host header during origin url validation 2018.10.4 - 2018-09-21 AUTH-1070: added SSH/protocol forwarding - 2018-10-19 AUTH-1235: fixed packaging of deb dev file - 2018-10-19 TUN-1097: Host missing from WebSocket request - 2018-10-19 AUTH-1188: UX Review and Changes for CLI SSH Access 2018.10.3 - 2018-10-08 TUN-1099: Bring back changes in 2018.10.1 - 2018-10-08 TUN-1098: removed deprecation error - 2018-10-08 TUN-1101: False negatives in Cloudflared error reporting 2018.10.2 - 2018-10-06 TUN-1093: Revert cloudflared to 2018.8.0 2018.10.1 - 2018-10-03 TUN-1012: Normalize config filename for Linux services - 2018-10-05 TUN-1081: cloudflared now generates UUIDs - 2018-10-05 TUN-1083: fixed incorrect help menu - 2018-10-05 TUN-1086: fixed config option 2018.10.0 - 2018-08-15 AUTH-910, AUTH-1049, AUTH-1068, AUTH-1056: Generate and store Access tokens with E2EE option, curl/cmd wrapper - 2018-09-11 TUN-890: To support free tunnels, hostname can now be "" - 2018-09-12 TUN-810: Cloudflared should open dash/argotunnel not dash/warp - 2018-09-12 TUN-985: Don't display tunnel ID if it's empty string - 2018-09-11 TUN-881: Display trial zone URL upon successful registration - 2018-09-11 TUN-868: HTTP/HTTPS mismatch should have a better error message - 2018-09-19 TUN-1028: Unhide cloudflared compression flag - 2018-09-20 AUTH-1139: refactored cloudflared help menu - 2018-09-20 TUN-1035: New text for cloudflared tunnel --help - 2018-09-18 AUTH-1136: addressing beta feedback - 2018-09-26 AUTH-1165: hide access command - 2018-09-26 TUN-1046: Document that delta compression is a beta feature - 2018-09-28 TUN-1056: Lint error broke build - 2018-09-27 TUN-1052: Origintunneld can send back an Origincert to Cloudflared - 2018-09-28 TUN-1052: Changing type of OriginCert to :Data - 2018-10-01 TUN-1062: Makefile target for regenerating Capn Proto definitions - 2018-10-02 TUN-1064: Revert OriginCert capnp changes in Cloudflared. Reverts commits a1ee2342e97 and 8c756c45785. - 2018-10-03 TUN-1076: Pin capnproto2 to version 2.17.1 - 2018-10-03 AUTH-1199: unhide access command, added beta label 2018.8.0 - 2018-05-01 Initial commit - 2018-05-03 TUN-595: Add License/Readme files to cloudflared - 2018-05-01 TUN-528: Move cloudflared into a separate repo - 2018-07-24 TUN-813: Clean up cloudflared dependencies - 2018-07-25 TUN-814: Handle error in CreateTLSListener before closing listener - 2018-07-24 TUN-804: create Makefile recipe to build cloudflared and run tests - 2018-07-26 TUN-817: Increase the log time precision - 2018-07-30 TUN-828: Added Connection: keep-alive header - 2018-07-30 TUN-829: prefer p256 curve - 2018-07-31 TUN-834: Enable tracing on cloudflared - 2018-08-07 TUN-820: Fix caddyfile gitignore - 2018-07-25 TUN-804: create make recipe for building deb package - 2018-08-07 TUN-861: Disable cloudflared tracing by default; preserve the latest tracefile - 2018-08-07 TUN-857: Pull the brotli-go dependency from Github - 2018-08-14 TUN-897: Bring back missing Brotli files - 2018-07-26 TUN-804: create makefile recipe to release cloudflared using equinox - 2018-08-15 TUN-901: makefile target for homebrew release - 2018-07-30 TUN-801: Rapid SQL Proxy - 2018-08-27 TUN-833: Don't log system root certificate loading failure on Windows